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DETAILED ACTION 
Continued Examination Under 37 CFR 1.114 

1. A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.1 14. Applicant's submission filed on August 
7, 2009 has been entered. 

Aci^nowiedgments 

2. Applicants' amendment filed on August 7, 2009 is acknowledged. Accordingly 
claims 5, 8-12, and 51-59 remain pending. 

Claim Rejections - 35 (JSC §112 

3. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

4. ClalnB58 and 59 . are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. Specifically it would be unclear to one of ordinary 
skill in the art to understand the technical meaning of "wherein said script character 
encodes a signal to execute code (claim 58 and 59). 
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Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 5, 8-10 and 51-57. are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Ji, US Patent No. 6,272,641 B1. 

7. As per claims 5 and 57 , Ji discloses a method for protecting a network server 
from being used as the basis of an attack on a network client, the method comprising: 

scanning a trusted portion of said network server to find executable commands 
inserted by an unwanted party, said executable commands being associated with a 
selected programming language, wherein said trusted portion is a subset of said 
network server (see fig. 1 , which discloses scanner 26] col. 3, lines 20-35, 
which discloses that "at this point the applets are statically 
scanned at the server by the scanner looking for particular 
Instructions which may be problematic In a security context. 
The Identified problematic Instructions are then each 
instrumented, e.g. special code is inserted before and after 
each problematic instruction...); and. 
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at least one of editing and removing at least a portion of said executable 
commands such that said executable commands still remain in said trusted portion, but 
cannot be executed by said network client, wherein if editing, said editing of said 
executable commands comprises replacing particular characters within said executable 

commands (col. 3, lines 10-45, which discloses that the identified 
problematic instructions are then each instrumented^ e,g. 
special code is inserted he fore and after each problematic 
instruction^ where the special code calls respectively a 
prefilter and a post filter ...the instrumentation involves 
replacing the problematic instruction with another 
instruction...; col. 3, lines 50-60, which discloses that "tlie 
suspicious instructions each zaay (or may not) be instrumented as 
described above; the instrumentation involves altering 
suspicious instructions such as by adding code (such as the pre- 
and post-filter calls) or altering the suspicious instructions 
by replacing any suspicious instructions with other instructions) 

What Ji does not explicitly teach is the use of the claim phrase "at least one of 
editing and removing a portion of said executable command." However a person of 
ordinary skill in the art would recognize that the art of editing and removing an 
executable command is equivalent to replacing the problematic code with another 
instruction and/or altering the suspicious instructions and replacing it. Accordingly, it 
would have been obvious to one of ordinary skill in the art at the time of the invention to 
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modify Ji by substituting the replacing the problematic code with another instruction with 
editing and removing at least a portion of the executable command as claimed. 

8. As per claim 8 , Ji discloses the further comprising rejecting a request when said 
request contains said executable command having a hostile character (col. 3, lines 20- 
45, which discloses that if the security policy is violated the particular instruction which 
violates the security policy is not executed...). 

9. As per claim 9, Ji further discloses the method, further comprising logging said 
executable commands to form a security log (col. 2, lines 25-45). 

10. As per claim 10. Ji further discloses the method, further comprising reviewing 
said security log to determine whether said executable commands are hostile (col. 3, 
lines 20-45). 

11. As per claim 51 . Ji further discloses the method, wherein the executable 
commands cause an unwanted action when executed (col. 3, lines 20-45). 

12. As per claim 52 . Ji further discloses the method, wherein the executable 
commands are malicious (col. 3, lines 20-45; col. 6, lines 35-45, which discloses when 
applet is determined to be dangerous i.e. involving malicious code). 
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13. As per claim 53 . Ji discloses the method, further comprising receiving a request 
for connection at said network server from network client (col. 2, lines 45-60). 

14. As per claim 54 , Ji disclose the method, further comprising verifying that a 
response from said network server to said network client is void of said executable 
commands (col. 3, lines 35-45). 

15. As per claim 55 , Ji discloses the method, further comprising providing said 
response from said network server to said network client (col. 3, lines 35-65) 

16. As per claim 56. Ji further discloses the method, wherein said programming 
language comprises javascript (see fig. 1; col. 1, lines 15-30). 

17. As per claim 58 . Ji further disclose the method wherein said editing comprises 
converting a script format character to another character, wherein said script character 
encodes a signal to execute code (col. 3, lines 50-60). 

18. As per claim 59. Ji further discloses the method wherein said removing 
comprises removing a script format character, wherein said script format character 
encodes a signal to execute code (col. 3, lines 50-60) 
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19. Claims 11-12 . are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Ji, US Patent No. 6,272,641 B1 and further in view of Guheen et al (liereinafter 
"Guheen") U.S. Patent No. 6,473,794 B1. 

20. As per claim 11 , Ji failed to explicitly disclose the method, wherein said 
protection of the network server is accomplished during an electronic purchase 
transaction. 

Guheen further discloses the method, wherein said protection of the network 
server is accomplished during an electronic purchase transaction (column 251, lines 34- 
36). 

Accordingly, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify Kuo to incorporate the method, wherein said protection of 
the network server is accomplished during an electronic purchase transaction in view of 
the teachings of Guheen in order to ensure adequate security of the transaction 

21 . As per claim 12 . Ji failed to explicitly disclose the method wherein the electronic 
purchase transaction is conducted using a digital wallet 

Guheen further discloses the method, wherein the electronic purchase 
transaction is conducted using a digital wallet (column 17, Java wallet; column 261, lines 
30-53). 

Accordingly, it would have been obvious to one of ordinary skill in the art at the 
time of the invention to modify Kuo to incorporate the method, wherein the electronic 
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purchase transaction is conducted using a digital wallet in view of the teachings of 
Guheen in order to ensure adequate security of the transaction. 



Conclusion 

22. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Charles C.L. Agwumezie whose number is (571) 272- 
6838. The examiner can normally be reached on Monday - Friday 8:00 am - 5:00 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Calvin Hewitt can be reached on (571) 272 - 6709. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http ://pa i r-d i rect. uspto . go v . Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll free). If you would like assistance from a USPTO 
Customer Service Representative or access to the automated information system, call 
800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Charlie C Agwumezie/ 
Primary Examiner, Art Unit 3685 
November 16, 2009 



